aaea6d106efea7ed83c581700177976e_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

aaea6d106efea7ed83c581700177976e_JaffaCakes118
Size

141KB
MD5

aaea6d106efea7ed83c581700177976e
SHA1

520dc7f50888749d220188cee88e260713487d81
SHA256

2cac2df1b0e367a44152c24d9cd6e318f803f2510de76ce628a816b6de72b711
SHA512

a8922ef46a5146cba96f167d5403b43b0c7ce765e81ad62366252e47b53eac5632bd23086ac38346000e73c7aa712eaffcbc796e2658b6e8bfb249d383a4e4f1
SSDEEP

3072:sx3DP4OcnkgN62x0RQaUmNBgnXPf8O0dAAFBO6iBSBYdcZ4gc:sxzOnkd2cPw/fK3fiBHdcST

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
aaea6d106efea7ed83c581700177976e_JaffaCakes118

Files

aaea6d106efea7ed83c581700177976e_JaffaCakes118
.exe windows:5 windows x86 arch:x86

f1dd5612eaa97ea78efa06d696c6c9d0

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

msvcrt

_adjust_fdiv
wcsstr
fflush
fgetc
toupper
__p__commode
__set_app_type
_controlfp
__setusermatherr
realloc
swprintf
sin
_initterm
_except_handler3
_acmdln
exit
log10
_errno
_XcptFilter
__p__fmode
_wfopen
_lseeki64
__getmainargs

kernel32

GetCommandLineA
UnhandledExceptionFilter
VirtualProtect
CreateDirectoryA
RaiseException
GetEnvironmentVariableA
GetStartupInfoA
SetFileTime
WaitForSingleObject
GetStringTypeA
CompareFileTime
GetModuleHandleA

oleaut32

GetErrorInfo
SysFreeString
GetActiveObject
SysStringByteLen
SetErrorInfo
SysStringLen
SysAllocStringByteLen
SafeArrayUnaccessData

ole32

OleSetClipboard
CoTaskMemFree
PropVariantClear
StringFromGUID2
OleInitialize
CoDisconnectObject
StringFromIID
CoRegisterClassObject
RegisterDragDrop
CoTaskMemAlloc

comctl32

PropertySheetW
ImageList_DragShowNolock
CreateToolbarEx
ImageList_Replace
ImageList_LoadImageA
ImageList_SetIconSize
CreateStatusWindowA
ImageList_Add

shell32

ShellExecuteW
ExtractIconExW
Shell_NotifyIconW
ExtractIconW
SHAddToRecentDocs
Shell_NotifyIconA
SHGetFileInfo
ShellExecuteEx
SHBrowseForFolderA

user32

GetFocus
CreateWindowExA
CloseClipboard
IsDialogMessageA
DestroyCursor
CallWindowProcA
SetWindowPos
GetScrollPos
GetDlgItem
GetSystemMetrics
OffsetRect
GetKeyboardType

advapi32

GetSecurityDescriptorDacl
CryptReleaseContext
DeregisterEventSource
IsValidSid
CheckTokenMembership
InitiateSystemShutdownA
RegCreateKeyExA
RegOpenKeyA
CopySid
RegCloseKey
CryptGenRandom

gdi32

CreateEnhMetaFileA
GetDCOrgEx
SaveDC
ExtCreatePen
CreateDIBSection

version

VerFindFileW
GetFileVersionInfoSizeW
VerInstallFileW
VerInstallFileA
VerQueryValueW
GetFileVersionInfoSizeA

Sections

.text
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 17KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 105KB - Virtual size: 104KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f1dd5612eaa97ea78efa06d696c6c9d0

Headers

File Characteristics

Imports

msvcrt

kernel32

oleaut32

ole32

comctl32

shell32

user32

advapi32

gdi32

version

Sections

.text Size: 17KB - Virtual size: 17KB

.data Size: 17KB - Virtual size: 40KB

.rsrc Size: 105KB - Virtual size: 104KB

.text
Size: 17KB - Virtual size: 17KB

.data
Size: 17KB - Virtual size: 40KB

.rsrc
Size: 105KB - Virtual size: 104KB